06 November 18, 15:19
Quote: Backdoor uses anti-forensics techniques to hinder analysis
The Inception threat group has been observed exploiting the CVE-2017-11882 Microsoft Office memory corruption vulnerability and a PowerShell-based backdoor dubbed POWERSHOWER in their most recent multi-stage attack campaign during October 2018.
In the attack campaign recently witnessed by Palo Alto Networks' Unit 42, Inception has remodeled their attack model using a single document that employs Microsoft Word remote templates to download remote VBScript exploit payloads packaged as OLE objects.
Source: https://news.softpedia.com/news/inceptio...3623.shtml